The Code Review skill applies a configurable rubric to a PR or diff: project conventions, security risk, test coverage, readability, duplication. Output: structured review comments grouped by severity, ready to paste into a GitHub PR review.

What it produces: a Markdown report with three severity tiers: Block (correctness or security; merging would cause real harm), Suggest (style, idiom, missed test cases), and Nit (formatting, naming preferences). Each comment cites the file and line and proposes a concrete change.

Best for: solo founders who don’t have a second set of eyes on every PR, or small teams using it as a first pass before human review. It pays off most when the diff is in a language or framework where you’re not the strongest reviewer.

Skip if: you have a senior reviewer on the team and clear conventions — the skill won’t replace someone who’s lived in the codebase for a year. It’s a junior reviewer’s checklist applied with discipline, not a senior’s judgment.

Setup gotchas: the rubric is the skill’s value. Drop a .claude/conventions.md in the repo with your real rules: naming, error handling, test coverage minimums, banned imports. Without conventions, the review defaults to generic best practice and produces noisy output that humans will ignore.

Real-world workflow: every Claude Code-generated PR runs through this skill before I look at it. The agent self-reviews, fixes the Block-tier issues, and presents the diff with an “I auto-fixed N issues, M remain” preamble. My human review time per PR drops from 20 minutes to 5.

Compatible alternatives: GitHub MCP Server to post the review back as PR comments programmatically. Brand Voice for the equivalent on copy reviews.

Configure the rubric. Without it the output is generic and skippable.